VYPR
Critical severityOSV Advisory· Published Jan 20, 2026· Updated Jan 21, 2026

CVE-2025-65482

CVE-2025-65482

Description

An XML External Entity (XXE) vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
fr.opensagres.xdocreport:fr.opensagres.xdocreport.documentMaven
>= 0.9.2, < 2.0.42.0.4

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.